General

  • Target

    6a2f78fd728fdf56e1674632e7f5a5ed

  • Size

    1.5MB

  • Sample

    240120-mhb53agcgn

  • MD5

    6a2f78fd728fdf56e1674632e7f5a5ed

  • SHA1

    ff8ef932fc913e7f6affbaf71c85ef9e39651c7b

  • SHA256

    7cdb42626487138e394194e7d97f06affc9a4cba685fca6d1a496bd1765140f9

  • SHA512

    355a81750538976caaac04368d5bcfe05f31f8e22cf993a45e8ba54e113770c16a4ee36cf57f1b7b625bbd5d02b8c8c7d5e70f330e7861907844496ed23a9a44

  • SSDEEP

    12288:lVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:8fP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing online banking credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks